Filtered by vendor Redhat
Subscriptions
Filtered by product Confidential Compute Attestation
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8941 | 1 Redhat | 8 Confidential Compute Attestation, Enterprise Linux, Rhel Aus and 5 more | 2025-09-11 | 7.8 High |
| A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. | ||||
| CVE-2025-6020 | 1 Redhat | 10 Confidential Compute Attestation, Discovery, Enterprise Linux and 7 more | 2025-09-11 | 7.8 High |
| A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. | ||||
| CVE-2025-5914 | 2 Libarchive, Redhat | 13 Libarchive, Confidential Compute Attestation, Enterprise Linux and 10 more | 2025-09-11 | 7.3 High |
| A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. | ||||
| CVE-2025-5791 | 1 Redhat | 4 Confidential Compute Attestation, Enterprise Linux, Openshift and 1 more | 2025-07-31 | 7.1 High |
| A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list. | ||||
Page 1 of 1.